Even seasoned cybersecurity reporters can get duped by a well-crafted scam email. Here’s how I unraveled this one, step by step. Can you spot all the red flags?
I write about cybersecurity and online scams daily, so my inbox is always filled with a healthy mix of story pitches from public relations professionals, scam messages, and phishing attempts. Unfortunately, it’s not always easy to tell them apart.
Recently, I received a PR pitch about romance scammers, and I’ll admit, on first glance, it seemed like the basis for a great story. However, after I paused to read the message again, all I saw were red flags. Let’s read the email together and identify all the signs of a possible scam in progress.The Anatomy of a Scam Email: What to Watch For
Hover over the dots on the image below to see each possible scam indicator:
Now, let’s dissect the red flags that brought my morning inbox scroll to a halt.A Free, Generic Email Address
First, the email address is a last name + first name address from Gmail. Although I occasionally receive emails from work contacts’ free personal accounts, most PR professionals make their initial contact using an email address with a corporate domain, which immediately raises my suspicions.Suspicious-Looking Social Media
Next, I examined the sender’s social media presence. The X account in the email hasn’t posted publicly since 2021. The last replies were in 2023, asking journalists for their email addresses. Typically, PR professionals do not include inactive social media accounts in their email signatures.
An anemic online presence alone isn’t cause for suspicion (I shut down my personal social media account a couple of years ago). Maybe the sender simply wanted to receive fewer scam calls and texts from criminals trawling the public web for potential victims. That said, my suspicions escalated when I scrolled through their Twitter profile and discovered that it had been posting spammy-looking links to Minecraft giveaways since 2016.
Unlike most PR professionals, the sender (who has a very unusual name) doesn’t have an online presence beyond a single Quora answer from several years ago, a comment on a dating app support site advertising a profile unblocking app, and the aforementioned defunct Twitter profile. For privacy, I’ve redacted the name and contact information of the sender, as well as any pictures from the sender’s social media accounts.
